include:
* MYSQL_CHARACTER_SET option.
* Allow underscores, colons and plusses, in account names.
* Add {MD5RAW} hash method.
* Fix runtime problems with hardcoded file descriptors in the daemon
code by using OPEN_MAX instead.
include:
* authpipe.c (auth_pipe_pre): Fix leak when authpipe module is
enabled, but the actual authpipe script/external prog is not
installed.
* authmysqlrc: Implement SSL-encrypted MySQL connections
* authldaplib.c (l_simple_bind_s): Fix anon binds.
* authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration
* userdb/makeuserdb.in: Added the -f option to makeuserdb
* authldaplib.c: Try to recover when the LDAP server closes the
persistent socket, for inactivity.
include:
* authlib: create the authtest and authpasswd manual pages.
* authdaemon.c (auth_generic): Silly bug in auth_generic().
* authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd().
* authpgsqllib.c (auth_pgsql_setpass): Ditto.
* authmysqllib.c (auth_mysql_setpass): Ditto.
* authmysqllib.c (auth_mysql_setpass): Fix a memory leak.
* authpipe: more fixes to the authpipe module.
* authpipe: various fixes to the authpipe module.
* authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe
module.
* New authpipe authentication module.
* authldap.schema: Add mailhost to the recommended LDAP schema.
* README_authlib.sgml: Document updated authpipe protocol.
* cryptpassword.c (authcryptpasswd): Fix handling of encryption hints.
* checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on
crypted passwords.
* checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords.
* authdaemond.c: Strip full name/gecos field after the first comma.
* authdaemond: Pass LOGGEROPTS option to authdaemond.
* liblog/logger.c: Fix wrong args to setuidgid().
* liblog/logger.c: Added -droproot option to courierlogger.
* liblock/lockdaemon.c: Try to recover if upgraded daemon process runs
under a different uid.
* Changed -uid and -gid options to -user and -group for consistency
with couriertcpd. Change them to affect courierlogger itself,
after it has spawned any child.
* Optional default domain for authentication requests.
* Fix the error code when an empty password is provided.
the courier Makefile adds it to all of the flags again. This avoids
situations where you end up with a flag that looks like "-Wl,-Wl,...".
This should fix the problem noted in pkg/29777.
support is built into courier-authlib -- -lintl is only needed by the
authpgsql authentication module. This avoids problems when linking
clients with -lcourierauth and the linker thinks -lintl is needed when
it really doesn't. Bump the PKGREVISION to 3.
The Courier authentication library provides authentication services for
other Courier applications. In this context, the term "authentication"
refers to the following functions:
1. Take a userid or a loginid, and a password. Determine whether the
loginid and the password are valid.
2. Given a userid, obtain the following information about the userid:
A. The account's home directory.
B. The numeric system userid and groupid that owns all files
associated with this account.
C. The location of the account's maildir.
D. Any maildir quota defined for this account. See the Courier
documentation for more information on maildir quotas.
E. Other miscellaneous account-specific options.
3. Change the password associated with a loginid.
4. Obtain a complete list of all loginids.
